Java Security

1 error has occurred

Your session has timed out.

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

@RolesAllowed does not perform a nested membership check in LDAP

istavrakis-JavaNetAug 24 2012 — edited Aug 27 2012

Hi, I have a JEE6 application deployed on Glassfish server.
I'm using a form based authentication using an LDAP realm in glassfish.

I have the following problem, when I use @RolesAllowed("CUSTOMER_READ") annotation the check in LDAP is for direct membership matching not nested matching.
If the CUSTOMER_READ group has the logged in user as member everything is fine,
but if CUSTOMER_READ has a GROUP member B and B has the logged in user the authorization fails.

Does anyone know how to perform nested membership matching with JEE6 annotations on Glassfish?

Any comment will be helpful,
Thanks.

Locked Post

New comments cannot be posted to this locked post.

Locked on Sep 24 2012

Added on Aug 24 2012

#ldap, #other-security-apis-tools-and-issues

1 comment

469 views

Java Security

@RolesAllowed does not perform a nested membership check in LDAP

Comments

Post Details